Security Portal: An overview of OS security features - part IMar 22, 2000, 19:21 (0 Talkback[s])
(Other stories by Kurt Seifried)
"Computer security is a very subjective topic, especially when it comes to the various operating systems. I will attempt to be objective in this article, and any conclusions I draw will (hopefully) be supported by overwhelming evidence. To be fair my background is mostly with Linux and NT, with a good dose of OpenBSD and Solaris."
"One of the more basic components of computer security is file system security...The (simple) standard for most UNIX platforms is... is simple to implement, flexible enough to allow for most common needs, and generally reliable."
"No matter how good your security, chances are you will suffer a "security incident"... A determined attacker will replace common binaries (such as ls, ps, bash, the kernel), allowing them to cover their tracks..."
"For Linux there are quite a few tools, but outside the Linux world it seems that Tripwire is the only game in town."
"Logging and auditing -- This is one area where the proprietary operating systems tend to do a little bit better. NT 4.0 and Windows 2000 have rather extensive logging capabilities... As always, you need to protect the central log host from attacks/etc, also it should have extremely large volumes, as many attackers will try to flood it..."